Re: SVC vs APF and other 'privileged' code

Thu, 21 Jun 2007 23:22:27 -0700 

Arthur T. wrote:
On 21 Jun 2007 14:03:20 -0700, in bit.listserv.ibm-main (Message-ID:<[EMAIL PROTECTED]>) [EMAIL PROTECTED] (R.S.) wrote: 


From time to time I read on the list about companies which demand ISVs 
to provide source code for SVC routines to analyze it from security 
point of view.
While I don't know to much about z/OS 'guts', I'm wondering what is 
the reason for that? Or rather, why the SVC code is so important, 
while APF-authorized libraries are not subject to analyze. The same 
apply to propgrams in SCHEDxx members.
AFAIK (I could be wrong) APF-authorized program can bypass security 
rules, so it can be dangeours. Is SVC more dangerous ?



     What follows is a mixture of facts, opinion, and experience.  I am 
not pointing a finger at any particular companies or software packages.



     SVCs are useful, in part, in that they can perform authorized 
functions when called from non-authorized programs.  Therefore, they 
need to be extra-careful that they do not perform functions when they 
oughtn't.  An authorized program to, for instance, issue an MVS command 
is relatively safe because it can be called only from another authorized 
program.  An SVC to do the same needs to do extensive checking to be 
sure the caller is authorized to issue the command.



     Many companies, and some software packages, even have "get yourself 
authorized" SVCs.  If you know the secret software handshake, you can 
make your non-authorized program authorized.  Some of these SVCs do 
better jobs than others of assuring that they came from programs which 
are to be trusted.  Regardless, they're frowned on by auditors.


First, I want to THANK YOU for clarification. Now it's more clear for me.

However both code - APF and SVC can be poor. Both can be invoked, APF 
program can be invoked directly - it is still a risk it could accept 
'magic parameters' and do something wrong. For example I imagine DSS 
program clone which accept ADMIN keyword without further authorization. 
In other words - both kinds of code can be dangerous when poorly written 
or contain 'backdoors'.



Regards
--
Radoslaw Skorupka
Lodz, Poland


--
BRE Bank SA
ul. Senatorska 18
00-950 Warszawa
www.brebank.pl


Sd Rejonowy dla m. st. Warszawy 
XII Wydzia Gospodarczy Krajowego Rejestru Sdowego, 
nr rejestru przedsibiorców KRS 0000025237

NIP: 526-021-50-88
Wedug stanu na dzie 01.01.2007 r. kapita zakadowy BRE Banku SA (w caoci 
opacony) wynosi 118.064.140 z. W zwizku z realizacj warunkowego 
podwyszenia kapitau zakadowego, na podstawie uchwa XVI WZ z dnia 21.05.2003 
r., kapita zakadowy BRE Banku SA moe ulec podwyszeniu do kwoty 118.760.528 
z. Akcje w podwyszonym kapitale zakadowym bd w caoci opacone.

----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html























					Reply via email to